Severity High Analysis Summary CVE-2023-25621 Apache Sling could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper access control in […]

Severity Medium Analysis Summary CVE-2023-20016 CVSS:6.3 Cisco FXOS Software and UCS Manager Software could allow a local attacker to obtain sensitive information, caused by a flaw […]

Severity Medium Analysis Summary The malware loader, Bumblebee, is used to download Cobalt Strike and perhaps other malware such as ransomware. It also replaces the BazarLoader […]

Severity High Analysis Summary CVE-2023-20855  VMware vRealize Orchestrator is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a weakly […]

Severity High Analysis Summary According to recent reports, suspected Russian threat actors have been targeting users in the crypto industry in Eastern Europe with fake job […]

Severity Medium Analysis Summary Aurora Stealer is a type of information-stealing malware that targets sensitive information from infected computers. The activities aurora stealer performs are as […]

Severity Medium Analysis Summary CVE-2022-43513 CVSS:8.2 The affected components allow to rename license files with user chosen input without authentication. This could allow an unauthenticated remote […]

Severity High Analysis Summary MustangPanda, aka Bronze President and TA416, has been active since at least 2012. This threat actor targeted government agencies, think tanks, NGOs, […]

Severity High Analysis Summary GandCrab – a ransomware-as-a-service variant – was discovered in early 2018. At least five versions of GandCrab have been created since its […]